原則 5:邊界強化
面對舊有系統漏洞,邊界防禦是您最強大的資產。
- 立即更換 預設密碼。
- 實施防釣魚多因素驗證 (MFA)。
- 使用具備環境感知能力的存取控制(位置、系統版本、時間)。
原則 6:限制影響範圍
假設入侵終將發生,並以此設計您的網路架構以遏制威脅。
- 網路分割: 透過防火牆隔離不同功能的網路。
- 防範橫向移動: 利用微分割阻斷主機間的跳轉。
原則 7:記錄與監控
日誌必須具備可操作性,而非僅僅存儲。
| 重點領域 | 行動建議 |
|---|---|
| 異常偵測 | 針對流量基準建立警報。 |
| 緊急帳號 (Break-Glass) | 針對緊急帳號的使用觸發最高等級警報。 |
| 數據流監控 | 持續監控跨網段的數據傳輸。 |
原則 8:建立隔離計劃
制定「緊急切斷」策略,並確保關鍵功能維持運作。
- 在真正的緊急情況發生前,先行測試站點隔離。
- 確保關鍵功能可在「離線模式」下運作。
runZero 如何提供協助
獲取 OT 環境的全面可見性:
- 發現覆蓋缺口 與橋接設備。
- 識別邊緣設備 及其未經授權的連接。
- 稽核硬體 是否存在預設配置風險。
About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
